It has been a long time since I created a post here .
I just installed AppArmor in my new garuda installation(learning new stuff), so I wondered why Garuda is not shipping with AppArmor installed.
Shouldn't it improve security?
Garuda is focused on performance while higher security usually results in a performance tradeoff or creates weird issues with games, but I don't know much about the affects of apparmor.
There is not much difference in the last(with AppArmor enabled) geekbench test and the rest of the tests.
I can think of a few reasons:
- For apparmor to work it requires careful management of the profiles
- Since Arch doesn't ship out of the box with apparmor profiles that would mean the Garuda team would end up responsible for that which would be a substantial burden on a relatively small team.
- Apparmor will introduce compatibility issues with applications that also have to be managed and understood. It is questionable if the Garuda user base would appreciate the trade-off
- Not all kernels ship with support for apparmor
- If an individual wants apparmor support, it isn't that hard to setup for yourself. You just need to be responsible for managing the profiles yourself. There is a pretty good set of profiles to start with in AUR.
I see that there is much difference between last test and others, especially on single core.
The lower scores are when I tested without the charger plugged in.
Hi Austin, I believe this is all Arch spirit to be minimal and allowing user to decide what makes sense or not to install, not like some other distros all inclusive!
This topic was automatically closed 2 days after the last reply. New replies are no longer allowed.